Re: [users@httpd] Protecting certain cgi-bin subdirectories

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 8/5/06, Steve Swift <steve.j.swift@xxxxxxxxx> wrote:

I'm using Apache 2.0.46 and I want to password protect all of the
subdirectories below cgi-bin.  This is easy, with:

Very old version.  You should upgrade.


<DirectoryMatch /var/www/cgi-bin/.*/>

Require valid-user

</DirectoryMatch>

This works fine, you need a userid, any userid, to get into the
subdirectories.



Now, I'd like to be more selective about who gets into the /admin
subdirectory, so I add:

<Directory /var/www/cgi-bin/admin>

Require user Swifty

</Directory>



This second step had no effect.  I could still fetch pages from
/var/www/cgi-bin/admin with any valid user.

You need to read:
http://httpd.apache.org/docs/2.2/sections.html

You'll find that <Directory> automatically protects subdirectories, so
you don't need that <DirectoryMatch> complication.  You'll also find
that the order of processing is important.  Replacing the
<DirectoryMatch> with <Directory> will probably fix your main problem
as well, since it will cause the second Require directive to be
processed last, overriding the first one, rather than vis-versa.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux